With the large scale adoption of decentralized of computing models like client-server and distributed computing, etc., the resulting topologies consist of many individual compute nodes or platforms connected together through a communication network. One of the continuing challenges of the decentralized approach is that of security, because the network implementing it also provides ready access for security breaches.
Cryptology provides a means to defeat eavesdropping and man-in-the-middle security threats along a network path from endpoint to endpoint. But a further security problem is the issue of authentication. How can it be determined that the computer at the other endpoint is really who it represents itself it to be?
Passwords are a common authenticating tool. However it is widely known that passwords have vulnerabilities.
Another authentication approach is the digital certificate. A digital certificate is based on asymmetric encryption technology that is signed by a trusted third party that can vouch for the user of the certificate. While this authentication approach is common, it requires considerable set-up and look-up time to verify the user credentials through the third party “web of trust”.
The present invention relates to improvements to the systems described above, and to solutions to some of the problems raised or not solved thereby.